Re: [NOT NEWBIE]launching tasks as root
Re: [NOT NEWBIE]launching tasks as root
- Subject: Re: [NOT NEWBIE]launching tasks as root
- From: Peter Sichel <email@hidden>
- Date: Wed, 2 Oct 2002 10:12:41 -0400
At 7:35 PM -0500 10/1/02, Charles Srstka wrote:
Thank you all for your help! This will be much more elegant than using sudo.
You're welcome. I omitted one detail below others may find helpful.
To use NSTask as opposed to AuthorizationExecuteWithPrivileges
to launch and control a privileged command, you would need to
first set your small unix tool to be suid root. This is how
IPNetMonitorX does it.
Kind Regards,
- Peter
On Tuesday, October 1, 2002, at 07:27 PM, Peter Sichel wrote:
At 6:11 PM -0500 10/1/02, Charles Srstka wrote:
When I launch a task with AuthorizationExecuteWithPrivileges(),
the actual UID of that task is the same as the currently logged-in
user, but the effective UID is root. Unfortunately, the vsdbutil
tool requires the actual UID be root. Is there any way I can
launch a task with an actual UID of root without resorting to
using sudo?
Thanks in advance,
Charles
Since your effective UID is root, you can write a small unix tool to
run your task and pipe back the results. Within your tool,
set your UID to be root before using execv to run vsdbutil.
// Run vsdbutil from a privileged process and pipe back the results.
// Notice we don't use fork() since we want to replace ourselves so
// the caller can retain control using NSTask.
setuid(0);
execv("/usr/sbin/vsdbutil", argv);
See Stevens "Advanced Programming in the UNIX Environment" for more info
on setuid() and execv(). With this technique, you can use NSTask to
launch and control any privileged command.
_______________________________________________
cocoa-dev mailing list | email@hidden
Help/Unsubscribe/Archives:
http://www.lists.apple.com/mailman/listinfo/cocoa-dev
Do not post admin requests to the list. They will be ignored.